Are dark web monitoring services worth it?
Introduction
Chances are that you’ve seen ads for services offering dark web monitoring in the past few months. They promise to explore the dark web for your personal information to see if a hacker has listed it for sale. Since we live in a world where our private data is a key target for cybercriminals, it makes sense to build a safety net through proactive monitoring, right?
Well, it’s a sort of catch-22 situation. While it seems like a great idea to protect your identity in this way, you could end up paying for nothing if you make a decision without doing any research. So is a dark web monitoring service worth your investment? We’ll take a deeper look to find out.
Hands-on threat intel training
What is the dark web?
The dark web is an assortment of hidden websites that can only be accessed through specific software. Its name is often mentioned alongside the deep web, which is basically the part of the internet that is not indexed by search engines (like internal company databases and private websites). The dark web makes up a tiny portion of the deep web, and it’s where cybercriminals sell, publish or save the personal data of their victims.
The sites present on the dark web are typically hosted on anonymous servers. To access their webpages, you need to use an anonymous browser like Tor. When it comes to data, you can find anything from passports to credit card details being traded on the dark web. Buyers can also purchase what’s called a “Fullz,” essentially a bundle that includes the victim’s Social Security Number, date of birth, complete name, bank account number and a collection of other sensitive data for $20-$30 a pop.
But how do cybercriminals gain access to your personal information? Well, there are plenty of techniques available at their disposal. Tactics such as skimming, phishing and good old-fashioned eavesdropping can result in your info ending up on the dark web. Bigger hacking groups can even execute a large breach to steal the data of millions. Once they gain access to your information, adversaries will often resell it on the dark web.
How does dark web monitoring work?
Dark web monitoring services, like the one offered by Experian, usually involve web crawlers and scrapers that monitor P2P networks, websites and chat rooms where stolen information is being sold and advertised. Once they discover a match, they notify the company or account owner that their data has been compromised.
But here’s what service providers don’t tell you: Most of the stolen credentials they report on have already been abused, used and resold multiple times. It’s already too late for the user to do much about it. The only way to stop information from being illicitly used is to catch the hack or breach as soon as it happens, and no dark web monitoring tool claims to have this capability.
Moreover, some of these services aren’t scanning the whole dark web for your information. That’s just impossible to do because this part of the internet contains many potential website addresses. In many cases, the companies are just gathering the data dumps that are publicly available on the dark web. These are big databases of personally identifiable information stolen from individuals and published online.
So rather than exploring the deepest corners of dark web, the services are just searching through publicly disclosed information pertaining to stolen accounts and leaked passwords. Some of this information can be freely accessed through Have I Been Pwned and similar resources.
What are the alternatives?
If you think that dark web monitoring services aren’t right for you, there are other steps you can take to protect yourself against information theft. Below are some of the measures you can immediately implement.
- Create stronger passwords: Replace any weak passwords with new ones, especially for your most crucial accounts. A password generator can help create longer, more complex passwords. Also, make it a habit to change your passwords every 2-3 months
- Monitor your accounts: Check your bank, credit card and other financial statements every two weeks or so. If any information looks off, contact the financial institution that holds the account
- Get a copy of your credit report: Once you receive the report, look for signs of potential fraud, like a change of home address that you didn’t authorize, bank accounts or credit cards you never applied, or negative points, such as late payments, that are incorrect
- Freeze your credit report: If you’re worried that someone may abuse your Social Security Number, consider freezing your credit reports. You can do this as well as unfreeze reports free of charge. By freezing it for now, you’re preventing adversaries from opening credit in your name. Any financial institution or bank won’t be able to take your credit until you share a PIN or unfreeze it
- Use free resources: Besides all of the previous steps, you can educate yourself on the type of information that is usually targeted and what can be done in case you become a victim. Services like Breach Clarity (launched by The Identity Theft Resource Center) can help you identify the type of private data exposed in a breach and what steps you can take to deal with it
Conclusion
Dark web monitoring services will inform you when your personal information or accounts are discovered on the dark web. However, your best recourse is to implement the tactics that don’t require any payment on your part. We recommend that you assume your data is already being traded on the dark web and take action accordingly.
But if you must use dark web monitoring (such as because your boss or manager wants you to), use your better judgment to decide whether or not to purchase a certain service. You may discover that the additional services offered by a provider, like those offered by LifeLock, are well worth the cost by themselves and that dark web monitoring is an additional bonus. Regardless of the route you take, it’s always a good idea to take care of your personal information.
Hands-on threat intel training
Sources
In this Series
- Are dark web monitoring services worth it?
- Dark Web hacking tools: Phishing kits, exploits, DDoS for hire and more
- Dependency confusion: Compromising the supply chain
- BendyBear: A shellcode attack used for cyberespionage
- ATP group MontysThree uses MT3 toolset in industrial cyberespionage
- BlackBerry exposes threat actor group BAHAMUT: Cyberespionage, phishing and other APTs
- Top 9 cybercrime tactics, techniques and trends in 2020: A recap
- KashmirBlack botnet targets WordPress, Joomla and other popular CMS platforms
- BAHAMUT: Uncovering a massive hack-for-hire cyberespionage group
- Linux security and APTs: Identifying threats and reducing risk
- Top 6 ransomware strains to watch out for in 2020
- 2020 Verizon data breach investigations report: Summary and key findings for security professionals
- How hackers use CAPTCHA to evade automated detection
- The State of Ransomware 2020: Key findings from Sophos & Malwarebytes
- Dark web fraud: How-to guides make cybercrime too easy
- Top 6 malware strains to watch out for in 2020
- Top Cybersecurity Predictions for 2020
- Malware spotlight: What is click fraud?
- What does dark web monitoring really do?
- ThreatMetrix Cybercrime Report: An interview
- Cybercrime and the underground market [Updated 2019]
- Verizon DBIR 2019 analysis
- Common causes of large breaches (Q1 2019)
- The Magecart Cybercrime Group Is Threatening E-Commerce Websites Worldwide
- Russian Cyberspies Target 2018 U.S. Midterm Elections
- The Increasing Threat of Banking Trojans and Cryptojacking
- Leaders’ Meetings: A Privileged Target for Hackers
- Fraud as a Service (FaaS): Everything You Need to Know
- All about SamSam Ransomware
- The Decline of Ransomware and the Rise of Cryptocurrency Mining Malware
- Mechanics Behind Ransomware-as-a-Service
- The Art of Fileless Malware
- ZLAB MALWARE ANALYSIS REPORT: RANSOMWARE-AS-A-SERVICE PLATFORMS
- Which Are the Most Exploited Flaws by Cybercriminal Organizations?
- 5 New Threats Every Organization Should be Prepared for in 2018
- Memcrashed: The Dangerous Trend Behind the Biggest DDoS Attack Ever
- Open source threat intelligence tools & techniques
- Global Cost of Cybercrime on the Rise
- An Enterprise Guide to Using Threat Intelligence for Cyber Defense
- The Five Largest Ransomware Attacks of 2017
- Intellectual Property Crimes in the Dark Web
- Top 5 Smartest Malware Programs
- Is Russian Intelligence Using Tainted Software to Access Corporate and Government Networks?
- Vault 7 Leaks: Inside the CIA's Secret Kingdom (July-August 07)
- DragonFly 2.0: The Alleged Nation-State Actor Hits the Energy Sector Again
- Russian APT Groups Continue Their Stealthy Operations
- Massive Petya Attack: Cybercrime or Information Warfare?
- SAP SECURITY FOR CISO: SAP Attacks and Incidents
- Role of Threat Intelligence in Business World
- WikiLeaks Vault 7 Data Leak: Another Earthquake in the Intelligence Community
- Past and Present Iran-linked Cyber-Espionage Operations
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Threat Intelligence
Dark Web hacking tools: Phishing kits, exploits, DDoS for hire and more
Threat Intelligence
Threat Intelligence
Threat Intelligence
ATP group MontysThree uses MT3 toolset in industrial cyberespionage